carbon-design-system
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass safety filters or override the agent's core instructions. The content is strictly limited to UI design guidance.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials, or suspicious network operations were identified. The network references are limited to legitimate CDNs (unpkg.com, Google Fonts).
- [Obfuscation] (SAFE): No encoded text, zero-width characters, or hidden unicode markers were found in the skill or reference files.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references well-known packages (@carbon/react, sass) and assets from trusted CDNs. No piped remote execution or dynamic code evaluation patterns were detected.
- [Privilege Escalation] (SAFE): No commands for elevating system privileges (e.g., sudo, chmod) or modifying system configurations were present.
- [Persistence Mechanisms] (SAFE): No attempts to create scheduled tasks, modify shell profiles, or install background services were detected.
- [Metadata Poisoning] (SAFE): The metadata (name, description) accurately reflects the technical contents of the skill without deceptive instructions.
- [Indirect Prompt Injection] (SAFE): The skill does not demonstrate a surface for ingesting untrusted external data into the agent's prompt context beyond its static design references.
- [Dynamic Execution] (SAFE): No use of eval, exec, or runtime compilation of generated source code was found.
Audit Metadata